﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using DAL;
using System.Data.SqlClient;
using System.Data;

namespace UI.Admin
{
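    /// <summary>
    /// Code-behind for the admin login page ("dangnhap" = sign in).
    /// Validates the submitted credentials through a stored procedure and,
    /// on success, records the user name and role in the session.
    /// </summary>
    public partial class dangnhap : System.Web.UI.Page
    {
        /// <summary>
        /// Page load handler; intentionally performs no work.
        /// </summary>
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        /// <summary>
        /// Handles the login button: checks the user name and password and
        /// sets up the authenticated session.
        /// </summary>
        /// <param name="sender">The control that raised the event.</param>
        /// <param name="e">Event data (unused).</param>
        protected void btndangnhap_Click(object sender, EventArgs e)
        {
            string tendn = txtdusername1.Text;

            // Transform the password with the DAL helper before it goes to the database.
            // NOTE(review): the algorithm behind mahoamk is not visible here. Confirm it is
            // a salted, slow password hash and not reversible encryption or a bare digest.
            string pass = DBConnection.mahoamk(txtpasswd.Text, true);

            // Both values are passed as parameters, so they are never concatenated into SQL text.
            SqlParameter[] ThamSo = new SqlParameter[]
            {
                new SqlParameter("UserName", tendn),
                new SqlParameter("Password", pass),
            };

            // Look the user up by user name and transformed password.
            DataTable dt = DBConnection.GetDatatableByStoreProcedureName("sp_getNhanVienbyUserNameAndPassword", ThamSo);

            // Fail closed: anything other than exactly one matching row is a failed login.
            // The explicit return keeps the row access below unreachable on this path even
            // if the redirect were ever changed to not end the response.
            // (What the helper returns on a database error is not visible here, hence the null check.)
            if (dt == null || dt.Rows.Count != 1)
            {
                Response.Redirect("~/thongbaoloi.aspx?ID=1");
                return;
            }

            // NOTE(review): the session identifier is not renewed at this point; consider
            // issuing a fresh session ID once authentication succeeds.
            Session["TenDN"] = tendn;
            Session["Quyen"] = dt.Rows[0]["MaQuyen"];

            if (CheckBox1.Checked)
            {
                // "Remember me": the cookie is named "ckusername" and carries only the
                // URL-encoded user name. The previous code concatenated the user name and the
                // password-derived value into the cookie *name*, which put a password
                // equivalent on the client and allowed user input to shape the cookie name.
                // NOTE(review): any page that reads this cookie must UrlDecode the value and
                // must not treat it as proof of identity. A persistent login should use a
                // random, server-side-validated token instead.
                HttpCookie cookie = new HttpCookie("ckusername", HttpUtility.UrlEncode(tendn));
                cookie.Expires = DateTime.Now.AddDays(2);
                cookie.HttpOnly = true;                    // not readable from client-side script
                cookie.Secure = Request.IsSecureConnection; // HTTPS-only when the login itself used HTTPS
                Response.Cookies.Add(cookie);
            }

            // Role "1" is sent to the product administration page.
            // Any other role gets no redirect from this handler and stays on the login page.
            if (dt.Rows[0]["MaQuyen"].ToString() == "1")
            {
                Response.Redirect("~/Admin/sanpham.aspx");
            }
        }

        /// <summary>
        /// Handles the cancel button; currently a no-op.
        /// </summary>
        protected void btnhuydn_Click(object sender, EventArgs e)
        {

        }
    }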
}